Prosody with relayd(1) TLS termination
15 views
Skip to first unread message
Emma Tebibyte
Mar 25, 2025, 11:15:56 AMMar 25
to prosod...@googlegroups.com
I have been working on getting my prosody installation behind the
relayd(1) reverse proxy on OpenBSD. Everything seems to be in order
except that prosody won’t let me use unencrypted authentication. My
configuration file explicitly disables TLS and contains the following:
allow_unencrypted_plain_auth = true
c2s_ports = { 5323 }
c2s_interfaces = { "127.0.0.1" }
c2s_require_encryption = false
s2s_ports = { 5370 }
s2s_interfaces = { "127.0.0.1" }
s2s_require_encryption = false
s2s_secure_auth = false
The relayd(1) configuration for this looks like this:
relay xmpp_c2s {
listen on wg port 5223 tls
protocol "xmpp"
forward to <prosody> port 5323
}
relay xmpp_s2s {
listen on wg port 5270 tls
protocol "xmpp"
forward to <prosody> port 5370
}
I can’t figure this one out. Does anyone have any pointers?
--
Emma Tebibyte (fae/faer)
http://tebibyte.media/~emma
relayd(1) reverse proxy on OpenBSD. Everything seems to be in order
except that prosody won’t let me use unencrypted authentication. My
configuration file explicitly disables TLS and contains the following:
allow_unencrypted_plain_auth = true
c2s_ports = { 5323 }
c2s_interfaces = { "127.0.0.1" }
c2s_require_encryption = false
s2s_ports = { 5370 }
s2s_interfaces = { "127.0.0.1" }
s2s_require_encryption = false
s2s_secure_auth = false
The relayd(1) configuration for this looks like this:
relay xmpp_c2s {
listen on wg port 5223 tls
protocol "xmpp"
forward to <prosody> port 5323
}
relay xmpp_s2s {
listen on wg port 5270 tls
protocol "xmpp"
forward to <prosody> port 5370
}
I can’t figure this one out. Does anyone have any pointers?
--
Emma Tebibyte (fae/faer)
http://tebibyte.media/~emma
Reply all
Reply to author
Forward
0 new messages